CVE-2026-27494 n8n has Arbitrary File Read via Python Code Node Sandbox Escape

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python...

CVE-2026-27494 n8n has Arbitrary File Read via Python Code Node Sandbox Escape

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python...

CVE-2026-27494 n8n has Arbitrary File Read via Python Code Node Sandbox Escape

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python...

CVE-2026-27494

CVE-2026-27494 affects the open-source workflow platform n8n. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox, gaining access to built-in Python objects and potentially exfiltra...

CVE-2026-27494

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python...

EUVD-2026-8761

n8n: Expression Sandbox Escape Leads to RCE...

CVE-2026-27493 n8n has Unauthenticated Expression Evaluation via Form Node

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form...

CVE-2026-27493 n8n has Unauthenticated Expression Evaluation via Form Node

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form...

CVE-2026-27493

CVE- is associated with a GitHub Advisory for n8n: Unauthenticated Expression Evaluation via Form Node. The issue is a second‑order expression injection in n8n Form nodes that lets an unauthenticated attacker inject and evaluate arbitrary expressions when a crafted form value is submitted. Exploi...

n8n has a Sandbox Escape in its JavaScript Task Runner

Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...

EUVD-2026-8758

n8n has a Sandbox Escape in its JavaScript Task Runner...

GHSA-JJPJ-P2WH-QF23 n8n has a Sandbox Escape in its JavaScript Task Runner

Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...

EUVD-2026-8757

n8n has Arbitrary File Read via Python Code Node Sandbox Escape...

GHSA-MMGG-M5J7-F83H n8n has Arbitrary File Read via Python Code Node Sandbox Escape

Impact An authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python objects, allowing an attacker to exfiltrate file contents or achieve RCE. On instances using...

n8n has Arbitrary File Read via Python Code Node Sandbox Escape

Impact An authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python objects, allowing an attacker to exfiltrate file contents or achieve RCE. On instances using...

GHSA-75G8-RV7V-32F7 n8n has Unauthenticated Expression Evaluation via Form Node

Impact A second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form data. When chained with an expression sandbox escape, this could escalate to remote code...

n8n has Unauthenticated Expression Evaluation via Form Node

Impact A second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form data. When chained with an expression sandbox escape, this could escalate to remote code...

Arbitrary Code Injection

Overview @enclave-vm/ast is a production-ready, extensible AST validator for JavaScript with rule-based validation Affected versions of this package are vulnerable to Arbitrary Code Injection by escaping the enclave sandbox. An attacker can pollute the Object constructor rather than the intended...

GHSA-F229-3862-4942 @enclave-vm/core is vulnerable to Sandbox Escape

Summary It is possible to escape the security boundraries set by @enclave-vm/core, which can be used to achieve remote code execution RCE. The issue has been fixed in version 2.11.1. --- Details It is possible to obtain the native Object constructor instead of the SafeObject wrapper. This can be...

@enclave-vm/core is vulnerable to Sandbox Escape

Summary It is possible to escape the security boundraries set by @enclave-vm/core, which can be used to achieve remote code execution RCE. The issue has been fixed in version 2.11.1. --- Details It is possible to obtain the native Object constructor instead of the SafeObject wrapper. This can be...